Add pki.ini override option

Allow to specify a pki.ini overlay file on the command line. The override file can be used to override pkispawn settings. Fixes: https://pagure.io/freeipa/issue/5608 Signed-off-by: Christian Heimes <cheimes@redhat.com> Reviewed-By: Fraser Tweedale <ftweedal@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
2025-02-25 18:55:28 -06:00 · 2018-09-03 12:45:30 +02:00
parent f847d7756f
commit dd47cfc75a
13 changed files with 412 additions and 183 deletions
--- a/install/tools/ipa-ca-install.in
+++ b/install/tools/ipa-ca-install.in
@@ -86,6 +86,7 @@ def parse_options():
                      type="choice", choices=ca_algos,
                      metavar="{{{0}}}".format(",".join(ca_algos)),
                      help="Signing algorithm of the IPA CA certificate")
+
    parser.add_option("-P", "--principal", dest="principal", sensitive=True,
                      default=None, help="User allowed to manage replicas")
    parser.add_option("--subject-base", dest="subject_base",
@@ -101,6 +102,10 @@ def parse_options():
                          "(default CN=Certificate Authority,O=<realm-name>). "
                          "RDNs are in LDAP order (most specific RDN first)."))

+    parser.add_option("--pki-config-override", dest="pki_config_override",
+                      default=None,
+                      help="Path to ini file with config overrides.")
+
    options, args = parser.parse_args()
    safe_options = parser.get_safe_opts(options)